Accepted node-xmldom 0.1.27+ds-1+deb10u2 (source) into oldstable

To: dispatch@tracker.debian.org, debian-lts-changes@lists.debian.org
Subject: Accepted node-xmldom 0.1.27+ds-1+deb10u2 (source) into oldstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sun, 01 Jan 2023 16:20:20 +0000
Message-id: <[🔎] E1pC14O-00B3cB-EM@seger.debian.org>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 31 Dec 2022 21:14:05 +0100
Source: node-xmldom
Architecture: source
Version: 0.1.27+ds-1+deb10u2
Distribution: buster-security
Urgency: high
Maintainer: Debian Javascript Maintainers <pkg-javascript-devel@lists.alioth.debian.org>
Changed-By: Guilhem Moulin <guilhem@debian.org>
Closes: 1024736
Changes:
 node-xmldom (0.1.27+ds-1+deb10u2) buster-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * CVE-2022-39353: xmldom parses XML that is not well-formed because it
     contains multiple top level elements, and adds all root nodes to the
     childNodes collection of the Document, without reporting any error or
     throwing. (Closes: #1024736)
   * CVE-2021-21366: xmldom does not correctly preserve system identifiers,
     FPIs or namespaces when repeatedly parsing and serializing maliciously
     crafted documents.
Checksums-Sha1:
 7ae43011419f17af7c837c2e4da61c74fde7733a 2084 node-xmldom_0.1.27+ds-1+deb10u2.dsc
 e32dd7505ce4e0d70ec72b01e8ba486c719452e3 10268 node-xmldom_0.1.27+ds-1+deb10u2.debian.tar.xz
 e890fd933ea29587290f770580870e7350b47f60 5852 node-xmldom_0.1.27+ds-1+deb10u2_amd64.buildinfo
Checksums-Sha256:
 6c7caa9cb553f18877f5881413c9530d8231eeaff8801102586df45713b56507 2084 node-xmldom_0.1.27+ds-1+deb10u2.dsc
 0241692cedcbc10c7064d60182de5d19fb8d1cfdacdda08db4d9aeaffa0fa6d2 10268 node-xmldom_0.1.27+ds-1+deb10u2.debian.tar.xz
 56270c2faa674b24a99ec9e6383f307d5aef15e334269536af8b83752195f411 5852 node-xmldom_0.1.27+ds-1+deb10u2_amd64.buildinfo
Files:
 c0065a718c48285df53a8dddb6d7fd3f 2084 javascript optional node-xmldom_0.1.27+ds-1+deb10u2.dsc
 a534934731076d8ab464155c65660310 10268 javascript optional node-xmldom_0.1.27+ds-1+deb10u2.debian.tar.xz
 ae8a6efb00acc28f4afebb882fb077c1 5852 javascript optional node-xmldom_0.1.27+ds-1+deb10u2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmOxqvkACgkQ05pJnDwh
pVLTdxAAh8TPHlNSzdq34qv0Sy1NU2NU/mE+flFKO+XVbkS4brUMroP+c1NI5sIe
J3tcGEBSHqovBkRTpnJCgqdmXz19bL0oTOTCPGqkuKg7rDHdw+n9rUTHKpYPa/sz
4RPmWBOgZhzLgOR03g9010g/aak6nBvRsR4DzqN6ixUp9WObV+MxUhDiUXuA0s8U
itIy0SCYQN6Juyir2MUOuGQC59r8MBlix4e0h/ENJ0SZTAn2688tO2IbSnKGutVs
oyRbel0OkLrunRduhEUPkGM4Ch24eZcuvAXNwCbScmu8RrrTvbsLgYu8jkgsSwnl
1trdoLTpwLTWbw2xlc0ZEYP6HnGWqUWwkxdYT8GvPbBKxZ0u5oMPQOXPsE1unCpm
tsyyM5dJAJkA84ZmS1PUPNcyb22gFxOTH+0LCfSzfzpJiqDtLi8/SnQALXV6zlZi
fwLd23+oWqbalSitdmpaD5GoTquZqx1+76PlNlWAGUORwomysyFpMzM2TZRFuidw
lBikUDcCxs+X1oYdG1nNNTG80o2MyYbkyK0pug0y5E7Daos0HHl6Vh5SgYuLkCj0
Ec2+hYtbt+NLSsGpvAa+MAbBt4ZRoi26KpoifqV5ASO0NL9BTDK9R6MrUEliHQ3x
LJCl1KZEOnAntBj6c1G4dkKbwpSMrwhnLZ3e5zQGW25i99KzI40=
=wn17
-----END PGP SIGNATURE-----

Reply to:

Next by Date: Accepted libetpan 1.9.3-2+deb10u2 (source amd64 all) into oldstable
Next by thread: Accepted libetpan 1.9.3-2+deb10u2 (source amd64 all) into oldstable
Index(es):
- Date
- Thread